: Firefox 31 not loading SSL site Firefox 31 was released yesterday, and it seems like it has a problem with SSL: Secure Connection Failed An error occurred during a connection to api.joeyco.com.

@Deb1703797

It is not recommended to mess with that global security setting, but add trusted hosts instead if you really need to.

See this link for information about 'Renegotiation' (CVE-2009-3555):
wiki.mozilla.org/Security:Renegotiation https://wiki.mozilla.org/Security:Renegotiation#security.ssl.renego_unrestricted_hosts

You can look at the security.ssl.renego_unrestricted_hosts pref on the about:config page and add the sites that you want to allow to the string value.

Separate multiple host names by a comma.

Vote Up Vote Down

@Michele947

Actually your website has a problem of using insecure SSL ciphers.

You should configure the ciphers in your web server like this:

ssl_prefer_server_ciphers On;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;


Credit for the configration goes to hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ .

You should also consider removing SSLv3 from ssl_protocols, since it is not that safe either. IE6 users running Windows XP won't be able to connect to your site if you have SSLv3 disabled.

Vote Up Vote Down